Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/VnRfBxlbuhTeBL6PKQucn0tlg5E.roa
File: VnRfBxlbuhTeBL6PKQucn0tlg5E.roa (raw, json)
Hash identifier: Bph1wb62mDDxB2WbDQpJtXbJoKB9Ap/4aQdxK21GxNM=
Subject key identifier: 56:74:5F:07:19:5B:BA:14:DE:04:BE:8F:29:0B:9C:9F:4B:65:83:91
Certificate issuer: /CN=1685cdba5d7daf6ddccf8675a90a25b6ed6444d7
Certificate serial: 018331F78A74305C7B15A26D1A0EA526B049
Authority key identifier: 16:85:CD:BA:5D:7D:AF:6D:DC:CF:86:75:A9:0A:25:B6:ED:64:44:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoXNul19r23cz4Z1qQoltu1kRNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/VnRfBxlbuhTeBL6PKQucn0tlg5E.roa
Signing time: Mon 12 Sep 2022 13:50:49 +0000
ROA not before: Mon 12 Sep 2022 13:50:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 91.199.253.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:f7:8a:74:30:5c:7b:15:a2:6d:1a:0e:a5:26:b0:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1685cdba5d7daf6ddccf8675a90a25b6ed6444d7
Validity
Not Before: Sep 12 13:50:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56745f07195bba14de04be8f290b9c9f4b658391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2f:a9:46:59:ea:a8:a7:61:96:cd:de:9e:f5:
a9:03:3f:70:ad:bd:95:3e:e8:aa:e6:37:c2:d4:6f:
ca:0a:af:63:20:22:9a:95:ae:8c:29:e1:6c:9e:04:
d5:66:e4:7f:36:85:55:f5:16:f0:36:8d:b9:1b:74:
76:55:32:37:06:7c:c5:2a:dd:ca:5a:05:50:76:03:
a1:2e:c0:4a:02:68:43:01:a1:6f:00:43:e8:70:83:
a4:a0:ca:41:47:0d:8b:24:4f:25:19:3b:13:14:78:
ca:26:cd:5c:19:a3:f2:63:7a:e5:20:1d:fe:91:74:
8a:c8:67:d6:81:07:50:06:84:15:aa:12:df:60:1a:
74:9b:db:85:49:5f:58:7c:a8:f0:9b:22:2d:4a:da:
3a:f4:b7:09:20:b7:b5:ea:85:b1:9b:03:c7:4f:da:
4f:92:d4:9b:de:c6:1f:60:3c:88:16:16:15:66:85:
e6:60:7f:37:71:58:54:db:a9:e1:d1:f3:0c:db:0a:
f9:bd:8a:25:d5:96:ca:43:b0:a7:a1:3a:f5:1c:d3:
4e:29:99:5e:b2:ee:cc:44:e7:f3:a9:5d:f0:aa:95:
88:07:fe:00:0c:71:83:2b:d0:cd:52:66:48:7c:8e:
5a:de:89:3c:f7:e1:d9:de:75:33:89:e0:23:01:24:
42:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:74:5F:07:19:5B:BA:14:DE:04:BE:8F:29:0B:9C:9F:4B:65:83:91
X509v3 Authority Key Identifier:
keyid:16:85:CD:BA:5D:7D:AF:6D:DC:CF:86:75:A9:0A:25:B6:ED:64:44:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoXNul19r23cz4Z1qQoltu1kRNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/VnRfBxlbuhTeBL6PKQucn0tlg5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/FoXNul19r23cz4Z1qQoltu1kRNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.253.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:e8:dc:26:80:b6:c1:81:fa:78:cd:62:07:7e:f5:20:c2:25:
56:da:0f:20:40:24:36:5a:ca:cc:d0:e9:1a:a2:f2:b2:90:16:
8d:eb:a3:15:e9:b3:89:be:6f:73:39:3c:b9:7a:01:52:af:19:
8a:e7:e5:34:12:93:19:0b:e6:5f:7a:61:bd:73:50:b1:90:09:
52:df:54:6e:32:f3:15:aa:7d:4b:02:d6:55:d7:05:f8:fd:f4:
b0:dc:43:75:7c:54:b2:00:d8:ec:ca:43:96:00:35:bd:39:6c:
75:3e:34:d8:42:47:0d:0f:cd:f3:50:30:2d:4a:3d:cb:8d:54:
f3:81:55:40:e8:15:52:92:f3:77:cc:7d:f5:70:a8:e3:48:a3:
68:22:a8:26:3a:e1:cb:01:7c:d4:87:4e:8f:ef:c6:c7:f9:d7:
77:1f:ae:86:14:e3:c5:56:9a:c1:14:5b:50:4e:02:6e:79:fd:
be:6b:70:05:cc:78:70:12:2c:a0:1d:81:2c:7c:48:0e:4c:7d:
c8:92:04:f9:2b:d6:16:ca:10:57:2e:0e:21:72:8c:7c:04:87:
e4:9f:8a:69:5b:8a:b2:70:37:ba:76:ab:d1:26:1a:ca:96:d3:
da:9c:32:d4:bd:89:af:2b:9e:eb:73:f6:bc:a7:fe:ab:a4:57:
10:97:2a:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMx94p0MFx7FaJtGg6lJrBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODVjZGJhNWQ3ZGFmNmRkY2NmODY3NWE5MGEyNWI2ZWQ2
NDQ0ZDcwHhcNMjIwOTEyMTM1MDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc0NWYwNzE5NWJiYTE0ZGUwNGJlOGYyOTBiOWM5ZjRiNjU4MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi+pRlnqqKdhls3envWpAz9wrb2V
Puiq5jfC1G/KCq9jICKala6MKeFsngTVZuR/NoVV9RbwNo25G3R2VTI3BnzFKt3K
WgVQdgOhLsBKAmhDAaFvAEPocIOkoMpBRw2LJE8lGTsTFHjKJs1cGaPyY3rlIB3+
kXSKyGfWgQdQBoQVqhLfYBp0m9uFSV9YfKjwmyItSto69LcJILe16oWxmwPHT9pP
ktSb3sYfYDyIFhYVZoXmYH83cVhU26nh0fMM2wr5vYol1ZbKQ7CnoTr1HNNOKZle
su7MROfzqV3wqpWIB/4ADHGDK9DNUmZIfI5a3ok89+HZ3nUzieAjASRCuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZ0XwcZW7oU3gS+jykLnJ9LZYORMB8GA1UdIwQY
MBaAFBaFzbpdfa9t3M+GdakKJbbtZETXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9YTnVsMTlyMjNjejRaMXFRb2x0dTFrUk5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNjM2NTItZDAzZS00MTM0LWJmZDMt
ZTI5OGE0M2I4OTMwLzEvVm5SZkJ4bGJ1aFRlQkw2UEtRdWNuMHRsZzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNjM2NTItZDAzZS00MTM0LWJmZDMtZTI5OGE0M2I4OTMw
LzEvRm9YTnVsMTlyMjNjejRaMXFRb2x0dTFrUk5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8f9MA0G
CSqGSIb3DQEBCwUAA4IBAQCy6NwmgLbBgfp4zWIHfvUgwiVW2g8gQCQ2WsrM0Oka
ovKykBaN66MV6bOJvm9zOTy5egFSrxmK5+U0EpMZC+ZfemG9c1CxkAlS31RuMvMV
qn1LAtZV1wX4/fSw3EN1fFSyANjsykOWADW9OWx1PjTYQkcND83zUDAtSj3LjVTz
gVVA6BVSkvN3zH31cKjjSKNoIqgmOuHLAXzUh06P78bH+dd3H66GFOPFVprBFFtQ
TgJuef2+a3AFzHhwEiygHYEsfEgOTH3IkgT5K9YWyhBXLg4hcox8BIfkn4ppW4qy
cDe6dqvRJhrKltPanDLUvYmvK57rc/a8p/6rpFcQlyrk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:43 2023 by rpki-client on console-fra.rpki-client.org